Blog

Pondera FraudCast Blog

Pondera FraudCast

Welcome to the Pondera FraudCast, a weekly blog where we post information on fraud trends, lessons learned from client engagements, and observations from our investigators in the field. We hope you’ll check back often to stay current with our efforts to combat fraud, waste, and abuse in large government programs.

In their never-ending quest to circumvent the law, unscrupulous business owners are now adopting the use of so-called “zapper” software to avoid paying sales taxes. Zapper software automatically deletes a portion of cash sale transactions and then automatically reconciles the business’s back end finances to make it appear that the businesses paid the appropriate amount of taxes. This scheme reduces tax collections for governments and passes the burden to the vast majority of businesses who choose to act within the law.

Thanks to a crackdown by federal and local officials, recent arrests include $1 million in unreported sales at Cesar’s Restaurant in Lakeview, IL (home of the “killer margarita”) and $800,0000 at the Lao Sze Chaun restaurant in Milford, CT. However, a simple Google search will reveal that almost no city is immune to the zappers.

Zapper software is so popular that some businesses are now starting to offer it to their clients. In December, for example, a Canadian man pled guilty to selling zapper software to eight restaurants in the Seattle area leading to $3.5 million of taxes avoided. It is alleged that his company, which sells Point of Sale (POS) software, also sold the illegal zapper software through a subsidiary in China. After the sale of the software, they even offered to support their customers with their ongoing efforts to defraud the government.

Zapper software, while somewhat novel, is just another attempt to apply technology to skirt the law. And while law enforcement training and targeted audits will surely help detect some of these modern-age fraudsters, analytics that use peer comparisons, spike indicators, and other statistically rigorous detection methods can also help detect the problem early. Like the old saying goes, it takes fire to fight fire.

Related Posts

At a time when people are replacing credit cards and ATMs with their smart phones, it seems that California is recommending increased use of armored cars. The reason? On January 1st, recreational marijuana will be legal in California but still illegal at the federal level requiring marijuana business to pay their sales taxes in cash.

The issue is that banks are still unsure of how to handle marijuana businesses’ money without being subject to prosecution for issues like money laundering. The Justice Department has issued “guidelines” to banks on how to avoid prosecution but most banks don’t consider guidelines as legal protection. And not surprisingly, the guidelines are confusing and incomplete. This leads to a cash-based business, which in turn creates the potential for fraud, money laundering, underreporting taxes, and a whole host of other issues.

In California, the marijuana industry is expected to grow to as much as $7 billion a year in revenues. In anticipation of this, State Treasurer John Chiang formed a task force to figure out how to collect and transport the funds. Their recommendation, among others, was armored cars. Ugh. But who can blame them? Colorado tried to set up a credit union specifically for the marijuana industry but it was denied by the Federal Reserve in 2015. So, there’s not a lot of great options out there.

I, for one, will be closely watching the rollout of legal recreational marijuana. With a healthy tax of around 15%, a University of California Agricultural Issues study claims that 29% of marijuana users may choose to buy the drug illegally. Those sales likely won’t be reported, won’t be taxed, and won’t end up in armored cars.

Anyone who has recently attended college or has a family member in college likely has some familiarity with student loans. In fact, 40 million Americans currently have student loans totaling an astounding $1.2 trillion dollars. Many of those who have applied for loans have been victimized by methods such as “advanced fee scams” that promise the best rate for an upfront service fee, or the ever-present loan elimination scams.

With easy access to stolen identities, fraudsters are now targeting the more lucrative loans themselves. Using stolen IDs, they enroll in classes which they, of course, never attend. Loans are made by the government, payments are not, and the unsuspecting “owner” of the loan goes into default when the fraudsters don’t make their payments.

In Grand Rapids, Michigan, a man was indicted last month for this exact scheme. He faces up to 20 years in prison for allegedly using stolen IDs to steal $150,000 in loans and grant aid. A quick check of the government’s paymentaccuracy.org website shows that he is not alone. Between the William D. Ford Federal Direct Loan Program and the Federal Pell Grant Program, $6.1 billion was improperly paid in 2016 alone.

While many of the improper payments are made to people who simply do not qualify based on income, an increasing number of loans are being made to outright fraudsters. Some estimates place the number of known fraud ring participants as high as 85,000 people. This victimizes the taxpayer, of course, but even more directly the person whose identity is stolen. It can take months or even years to clean up your credit. That’s one lesson I hope I never need to learn.

By this time, just about everyone has watched or read a news report about the WannaCry ransomware attack that hit the world’s computer networks on May 12th. Multiple variants of the program will likely attack computers for the foreseeable future, forcing individuals to pay bitcoin ransom or lose their data and causing serious harm to businesses including hospitals and governments.

Plenty has been written about the source of the attack and how it works. So, while every “connected” person should read about WannaCry to help protect themselves against future attacks, I don’t see any need to cover this ground here. For me, though, two interesting facets of the story really stand out.

First, I find it fascinating and somewhat inspiring that the attack was stopped by a 22-year-old vacationing cyber analyst who goes by the name MalwareTech; with assistance from his colleague Kafeine. These two, and countless others, operate in a world that most of us know almost nothing about to keep our systems safe. It reminds me of the classic Jack Nicholson speech from “A Few Good Men” where he excoriates Tom Cruise for challenging him while he protects our safety. Of course, in this example, there is no evidence of MalwareTech or Kafeine “fragging” any of their tech colleagues.

The second interesting point I took form this attack was that most of us could have protected ourselves simply by updating our operating systems and virus protection software. This is a conversation I’ve had innumerable times with my own family. Of course, this also puts software manufacturers in the difficult position of patching years-old operating systems to accommodate those who won’t or can’t upgrade.

Bottom line for me: this is just another reminder to remain vigilant and to be thankful for the computer techs who have dedicated their careers to protecting us from those who have chosen to attack us. I hope you can “handle that truth”.

While shopping for groceries this week, my wife turned from her cart when a man stumbled and fell in the aisle. Less than 30 seconds later, she noticed that her wallet was missing from her purse which was sitting in the cart. Total distance from her wallet: 5 feet.

Within 3 minutes, she’d called me and alerted the store about what had happened. Within 15 minutes, I’d blocked our ATM card, our credit card, and a specialty retailer card. Total Time: 18 minutes and 30 seconds.

What had the robbery netted? A $1,000 gift card purchased at a kiosk at a nearby retailer with our credit card. A second $1,000 gift card purchased at the same kiosk with our ATM card (I was under the mistaken impression that this would require the PIN number). And a $5,000 gift card purchased with the specialty retailer card. Total take: $7,000. In just 18 1/2 minutes.

Of course, the thieves also got away with about $150 in cash and my wife’s driver license. She was worried that we were going to be robbed that evening “because they now had our address” but I convinced her that “having our address” made us no more likely to be robbed. We also freeze our credit which offers us some protection from identity theft. So this gave us some comfort.

After this incident, I wondered just how much “old fashioned” credit card fraud still exists in the United States. As it turns out, quite a bit, as 23% of the $3 billion in annual credit card fraud is still the result of lost or stolen cards. I was surprised at this number given today’s more sophisticated identity theft and forgery schemes.

As often is the case with fraud though, the aftermath can be even more costly than the initial theft. Financially, even though we were not directly responsible for the fraudulent transactions, in the end, we pay through higher fees and rates. And of course, it’s very difficult to assign a cost to the trauma of being robbed at your neighborhood grocery store.

The lesson in all of this for me? While it’s important to protect your identity online, don’t forget that thieves still snatch wallets, look for credit card offers in your mailbox and trash, and call your home to try to trick or intimidate you into providing sensitive information.

As the residents of Houston and surrounding areas continue to struggle with the devastation caused by Hurricane Harvey, history shows us that problems will continue long after the homes and businesses have been repaired. Every large natural disaster in this country follows the same pattern: destruction brought on by the disaster, followed by looting and price gouging, followed by huge amounts of fraud committed in the chase for assistance money.

In Texas, all three seem to be occurring at once. We’ve all seen the heartbreaking images and videos of families who have lost everything, unfortunately including those who lost their lives. We’ve also seen the inspiring stories of ordinary people that risk their lives to help a neighbor, a stranger, or a lost family pet.

Now, of course, the looting stories are beginning to circulate. In this case, it appears that law enforcement is doing all that it can to protect life and property, including announcing mandatory jail time for all thieves and burglars. However, the scammers are wasting no time setting up Facebook pages and sending out tweets with links to “relief organizations” that are actually designed to steal money from those who want to help.

I have no doubt that this fraud activity will only increase. Consider these examples following previous disasters:

- Dozens of people were convicted of using fraudulent psychiatric claims following 9/11 to steal up to $50,000 per year in Social Security disability payments.

- A New Jersey man was one of hundreds to receive relief funding (in his case $171,099) after falsely claiming his primary residence was a home damaged by Hurricane Sandy.

- An Alabama woman filed 28 claims for disaster assistance in 5 states following Hurricane Katrina.

Unfortunately, fraud thrives at the intersection of vulnerable populations and large amounts of money. And Hurricane Harvey creates this intersection by displacing so many families, by invoking a government response, and by tapping into the giving spirit of caring Americans.

Even more unfortunate is the fact that most of the fraud will go undetected and unprosecuted. Consider that the vast majority of the 22,000 cases of potential fraud passed to the government's Katrina task force were never prosecuted. And it is likely that FEMA collected less than 5% of the estimated billion dollars of fraud following the Hurricane. Only by increased enforcement and stricter sentencing will we be able to break this heinous pattern. And, to me at least, this is a pattern worth breaking.

While I don’t often review books on this blog, I feel compelled to share my thoughts on American Kingpin by Nick Bilton, which chronicles the history of the Silk Road. For those who don’t know, the Silk Road was a market on the dark web that sold drugs, weapons, poisons, and even human body parts. By the time it was shut down in 2013, the site was selling over $1 billion per year.

The book offers fascinating insights into the dark web, the libertarian creator of the site, the investigators who worked to shut it down, and the political schisms that often make it possible to run sites like the Silk Road. And of course, the book has great relevance to the fraud detection business because fraudsters often acquire identities on the dark web to create fictitious businesses, file for tax refunds, and make fake unemployment insurance claims.

While American Kingpin ended with the shutdown of the Silk Road and the prosecutions of the major actors behind the market, it is important to note that similar sites continue to operate on the dark web. In fact, just days after I finished reading the book, Attorney General Jeff Sessions announced that the FBI had shut down a similar site 10 times the size of the Silk Road. At the time this site was shut down last month, it contained 369,000 listings for drugs, weapons, malware, chemicals, counterfeit items, and more.

This is a sobering reminder of the challenges facing law enforcement when dealing with anonymous browsers like TOR, the Bitcoin cryptocurrency, and international crime rings. The dark web is not going away. Neither is the demand for illicit items. It will be interesting to see how this “cat and mouse” games plays out over the coming years.